Results 1 to 6 of 6
Like Tree9Likes
  • 2 Post By flynnaus
  • 1 Post By 338
  • 5 Post By Javaphile
  • 1 Post By TampIt

Thread: Major vulnerability in WiFi's WPA2 found

  1. #1
    Super Moderator Javaphile's Avatar
    Join Date
    Dec 2004
    Location
    Earth!
    Posts
    14,202

    Major vulnerability in WiFi's WPA2 found

    We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
    Full article can be read here.


    Java "Things that make you go Hhhmmmm..." phile
    Toys! I must have new toys!!!

  2. #2
    Senior Member flynnaus's Avatar
    Join Date
    May 2008
    Location
    Sydney
    Posts
    3,697
    Interesting and concerning. I wonder if this means the return of warchalking to exploit this vulnerability?
    Hopefully equipment suppliers will be quick to release patches (apparently Apple has already done so).
    In the meantime ...
    https://techcrunch.com/2017/10/16/he...vulnerability/
    Javaphile and matth3wh like this.

  3. #3
    338
    338 is offline
    Senior Member
    Join Date
    Mar 2017
    Location
    Sydney
    Posts
    212
    Thanks Javaphile, don't know if I should thank you or curse you for giving me one more thing to worry about ��
    trentski likes this.

  4. #4
    Super Moderator Javaphile's Avatar
    Join Date
    Dec 2004
    Location
    Earth!
    Posts
    14,202
    Thank me now and then thank me a 2nd time once you're patched?


    Java "Passing it on" phile
    Toys! I must have new toys!!!

  5. #5
    Senior Member matth3wh's Avatar
    Join Date
    Jul 2009
    Location
    Mid North Coast NSW
    Posts
    767

    Exclamation

    Thankfully Microsoft seem to be ahead of the curve on this one... patched on 10th October.

    Hang on, I'm currently using a Mac. Doh! - Coming soon though...

    "The exploits have been addressed in the iOS, tvOS, watchOS, and macOS betas that are currently available to developers and will be rolling out to consumers soon."

    Fair few Ubiquiti wireless access points to patch at work.

  6. #6
    Senior Member
    Join Date
    Aug 2013
    Location
    Rockingham W.A.
    Posts
    958
    As a guy who founded an IS company that designed over 2000 WAN's, it may surprise you guys that I have NOTHING on any wireless, even my video surveillance cameras are hard wired in. For anyone who fully understands TCP/IP and the transport protocols the reason is obvious. Never found a wireless I couldn't walk through, and compared to the hacker convention guys my skills in hacking are at the Sesame Street level (if even that high).

    My smartphone has all 'net turned off and I am probably going to spend $81 and go back to the "dumb Nokia" as the Android OS is a PITA and I am well past tech that annoys - the damn thing nags me daily to update programs I do not use or want. Reminds me of my mates 2015 Mazda 6 - shudder - the one we nicknamed Mrs Nag.

    Several ex-clients of mine who had their surveillance systems converted to wireless got hacked & burgled (doh!) and returned to be hard wired again. So much easier to nail down the security.

    Meanwhile the world spends more power on unneeded wireless than most African countries consume... Just so some idiot without a memory can act like a "google hero" at a cafe. Energy crisis? What energy crisis?

    TampIt
    trentski likes this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •